Container Runtime Vulnerability in Youki by Youki Dev
CVE-2025-62161

7.3HIGH

Key Information:

Vendor

Youki-dev

Status
Youki
Vendor
CVE Published:
5 November 2025

What is CVE-2025-62161?

Youki, a container runtime developed in Rust, has a vulnerability in its initial validation process of the source file /dev/null in versions prior to 0.5.7. This insufficiency can potentially allow for a container escape when the runtime employs a bind mount approach with the container's /dev/null as a file mask. Users are urged to update to version 0.5.7 to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

youki < 0.5.7

References

https://github.com/youki-dev/youki/security/advisories/GH...
x_refsource_CONFIRM
https://github.com/youki-dev/youki/security/advisories/GH...
x_refsource_MISC
https://github.com/youki-dev/youki/commit/5886c91073b9be7...
x_refsource_MISC

CVSS V4

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.